I have a networking question concerning vlans. I have multiple Hp ProCurve switches with multiple vlans configured. Actually voice, data, and guest vlans. The switches are connected together by way of trunk ports. I’d like to configure a pfSense box that I can insert between certain switches as QOS gateway that would apply different QOS setting to each vlan. From what I’ve read so far it sounds like I can have pfSense set up in a bridged mode to accomplish this. The part that I think I need but can’t figure out is how to make the interfaces on the pfSense box operate as a trunk port. Is it possible to do this? If not is there some other or better way to accomplish my goal?
awebster last edited by
… can’t figure out is how to make the interfaces on the pfSense box operate as a trunk port. Is it possible to do this?
Interfaces -> (assign) -> VLANs tab
Set the parent interface to the physical interface, and define the VLAN tag you want. This will be tagged on the parent interface.
Then go back to Interfaces -> (assign) -> Interface assignments, and it will appear in the list, click + to add the selected Interface, after which it will appear in the Interfaces menu and you can configure it as you see fit.
Note that whatever is configured on the parent interface, is untagged, and whatever VLAN interface you configure is tagged.
Repeat as necessary.
Thanks for your reply. I'm able to follow that for adding the vlans. It seems like there should be a next step where the interface port is made a trunking port. I'm relying my experience with the procurve swirches. With the switches you assign a port to be a trunk port and them assign vlans to it. I tried adding all the vlans to an interface but that didn't seem to do the trick. I assume there is some additional step I'm missing.
awebster last edited by
Keep in mind that the physical interface is going to handle any untagged traffic, and that the vlan interfaces will handle the tagged traffic corresponding to the vlan tag #.
In my previous example, don't forget to add the newly defined VLAN by clicking the + button beside the name
It will then become OPT1 (or OPT2 in my case).
The you have to click Interfaces -> OPT1 (or whatever name it showed up as)
You must then enable the interface
Lastly, set up whatever parameters you want it to use.
I think you are confused, pfsense does not have a "trunk port", pfsense can have a many Virtual LAN interfaces on the same physical interface, and this interface must be connected in a trunk port, because pfsense handles tagged traffic in this port.
Pfsense must have a vlan adapter by each vlan configured on switch, if is not, pfsense cannot communicate with that vlan.
Okay now I think I get it. The interface that the vlans are assigned to is able to connect to the trunk port on the switch by virtue of having the sames vlan numbers assigned to it as those configured on the switch. Is that what you are saying?